Revision ca34010f
Added by Shimon Shtein about 1 month ago
config/initializers/safemode_jail.rb | ||
---|---|---|
# Permit safemode template rendering to have basic read-only access over
|
||
# model relations
|
||
class ActiveRecord::AssociationRelation::Jail < Safemode::Jail
|
||
allow :[], :each, :first, :to_a, :map, :find_in_batches, :size, :group_by, :ids
|
||
allow :[], :each, :first, :to_a, :map, :find_in_batches, :size, :group_by, :ids, :sort_by, :select, :reject
|
||
end
|
||
|
||
class ActiveRecord::Relation::Jail < Safemode::Jail
|
||
allow :[], :each, :first, :to_a, :map, :find_in_batches, :size, :group_by, :ids
|
||
allow :[], :each, :first, :to_a, :map, :find_in_batches, :size, :group_by, :ids, :select, :reject
|
||
end
|
||
|
||
class ActiveRecord::Associations::CollectionProxy::Jail < Safemode::Jail
|
||
allow :[], :each, :first, :to_a, :map, :find_in_batches, :size, :group_by, :ids
|
||
allow :[], :each, :first, :to_a, :map, :find_in_batches, :size, :group_by, :ids, :sort_by, :select, :reject
|
||
end
|
||
|
||
class ActiveRecord::Batches::BatchEnumerator::Jail < Safemode::Jail
|
||
... | ... | |
class ActiveSupport::TimeWithZone::Jail < Safemode::Jail
|
||
allow(*Safemode.core_jail_methods(Time).uniq)
|
||
end
|
||
|
||
class Array::Jail < Safemode::Jail
|
||
allow :sort_by, :select, :reject
|
||
end
|
Also available in: Unified diff
Fixes #37367 - Switch to 'network' directive instead of ifcfg